Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

What is 'YTowOnt9'?

Tags:

html

php

output

Our (PHP) framework sometimes renders hidden inputs with value YTowOnt9. I can't find that string anywhere in the (huge) codebase, and can't figure out where it came from. I decided to Google for that particular string, and the result surprised me. Over half a million - kind of random - hits. I haven't found any page describing the value itself. It has 0 hits on Stack Overflow.

Is YTowOnt9 some kind of magic string?

like image 764
Sherlock Avatar asked Apr 22 '14 15:04

Sherlock


1 Answers

It seems to be a PHP-serialized empty array, base 64 encoded.

$ base64 -D <<< 'YTowOnt9' a:0:{} $ php -r 'var_dump(unserialize(base64_decode("YTowOnt9")));' array(0) { } 

There are many scripts that serialize arrays of data. When the arrays have data, they vary greatly, so the Base64 encoded PHP-serialized values do too, but when they are empty they are all the same. It makes it look as if a lot of very different PHP scripts have this random string in common.

like image 52
kojiro Avatar answered Oct 19 '22 04:10

kojiro